Re: [Asrg] A Technique for Universal Authentication

[John Levine <asrg at johnlevine.com>]

>> Recognizing mail from known correspondents is a very thoroughly solved
>> problem.

>I agree, yet my system is designed to recognize mail from unknown sources.

I don't see you proposing anything that S/MIME doesn't do better.  If
you S/MIME sign all your mail, each message has the key that
recipients need to recognize future mail from you, and existing MUA
address books already support it.

>> But the spam problem is not the same as the introduction problem. ...

>Again, updates by a minuscule number of MUAs effectively eliminates the
>introduction problem for this system.  Discussion lists like this one would
>never face the introduction problem if the administrator used one of the
>popular MUAs

Right, so if I am a spammer, I need only subscribe to high-traffic lists,
collect the subaddresses as they come by, and then blast away.

> Tracking all of the sub-addresses does not strike me as a
> strenuous task in an age where we have email systems that hash every email.

This might be a good time to review the difference between O(N) and O(N^2).

Incidentally, if you think this is such a good idea, why don't you
write a Thunderbird add-in to support it?  It's all open source, you
know.

R's,
John

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg